Cross-site scripting (XSS) vulnerability in index.php in Sympoll 1.5 allows remote attackers to inject arbitrary web script or HTML via the vo parameter.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Sympoll | Synthetic_reality | 1.5 (including) | 1.5 (including) |
References
- http://secunia.com/advisories/10165
- http://sourceforge.net/tracker/index.php?func=detail\u0026aid=834374\u0026group_id=64442\u0026atid=507493
- http://www.osvdb.org/2790
- http://www.securityfocus.com/bid/8956
- https://exchange.xforce.ibmcloud.com/vulnerabilities/13630
- http://secunia.com/advisories/10165
- http://sourceforge.net/tracker/index.php?func=detail\u0026aid=834374\u0026group_id=64442\u0026atid=507493
- http://www.osvdb.org/2790
- http://www.securityfocus.com/bid/8956
- https://exchange.xforce.ibmcloud.com/vulnerabilities/13630